Kerberos is a network authentication system which allows clients andservers to authenticate to each other through use of symmetric encryptionand a trusted third party, the KDC. kadmind is the KADM5 administrationserver.

David Coffey discovered an uninitialized pointer free flaw in the RPClibrary used by kadmind. On Red Hat Enterprise Linux 4 and 5, glibcdetects attempts to free invalid pointers. A remote unauthenticatedattacker who can access kadmind could trigger this flaw and cause kadmindto crash. (CVE-2007-2442)

David Coffey also discovered an overflow flaw in the RPC library used bykadmind. On Red Hat Enterprise Linux, exploitation of this flaw is limitedto a denial of service. A remote unauthenticated attacker who can accesskadmind could trigger this flaw and cause kadmind to crash. (CVE-2007-2443)

A stack buffer overflow flaw was found in kadmind. An authenticatedattacker who can access kadmind could trigger this flaw and potentiallyexecute arbitrary code on the Kerberos server. (CVE-2007-2798)

Users of krb5-server are advised to update to these erratum packages whichcontain backported fixes to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-releasederrata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available athttp://kbase.redhat.com/faq/FAQ_58_10188